Kwelwild

http://www.youtube.com/watch?feature=player_embedded&v=xzsc3HsZQ_4 Description: This module will enumerate USB Drive history on a target host. Module Options SESSION - The session to run this module on. VERBOSE - Enable detailed status messages WORKSPACE - Specify the workspace for this module Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying. Original Source: https://www.youtube.com/watch?v=xzsc3HsZQ_4 Surs?: Windows Gather Usb Drive History Metasploit Module

Google offers data on FBI's national-security-related requests for user identities The FBI's headquarters in Washington, D.C. (Credit: FBI) Google today became the first Internet company to shed light on a highly secret -- and controversial -- warrantless electronic data-gathering technique used by the FBI. The technique allows FBI officials to send a secret request to Web and telecommunications companies requesting "name, address, length of service," and other information about users as long as it's relevant to a national security investigation. No court approval is necessary, and disclosing the existence of the FBI's request is not permitted. Because of that legal prohibition, Google was able to disclose only the numerical ranges of requests it receives per year. Today's addition to the company's Transparency Report says that the company received somewhere between zero and 999 requests from the FBI seeking data on its users, targeting a total of between 1,000 and 1,999 accounts last year. "The FBI has the authority to prohibit companies from talking about these requests," Richard Salgado, Google's legal director for law enforcement and information security who's a former Justice Department attorney, said in a blog post. "But we've been trying to find a way to provide more information about the NSLs we get -- particularly as people have voiced concerns about the increase in their use since 9/11." An FBI spokesman declined to comment to CNET on Google's publication of the NSL ranges. Excerpt from the national security letter, or NSL, that Nicholas Merrill received from the FBI. (Click for larger image.) (Credit: FBI) While the FBI's authority to levy the requests, called national security letters, or NSLs, predates the Patriot Act, it was that 2001 law that dramatically expanded NSLs by broadening their use beyond espionage-related investigations. The Patriot Act also authorized FBI officials across the country, instead of only in the bureau's Washington, D.C., headquarters, to send NSLs. (NSLs also permit warrantless access to records held by financial institutions, credit agencies, and travel agencies.) A 2007 report by the Justice Department's inspector general found "serious misuse" of NSLs, and FBI director Robert Mueller responded by pledging stricter internal controls. Mueller has called the investigative technique invaluable. When Nicholas Merrill, who ran an Internet provider, challenged the gag orders as unconstitutional, a federal judge in New York ruled the secrecy demands were an "unconstitutional prior restraint of speech in violation of the First Amendment." Congress responded by allowing recipients to challenge NSLs in court. The Internet Archive subsequently fended off an FBI NSL request for "any electronic communication transactional records" with the help of the ACLU and the Electronic Frontier Foundation. Google's description of how many national security letters, or NSLs, it received. (Click for larger image.) The inspector general's report (PDF) found that the FBI made 50,000 NSL requests in 2006, which provides only a partial glimpse of how the data-gathering power is used: one NSL could request a very large set of files, for instance. Google says its interpretation of the law -- other companies may view it differently -- means the FBI cannot use an NSL to "obtain anything else from Google, such as Gmail content, search queries, YouTube videos or user IP addresses." The NSL (PDF) sent to Merrill, however, is broader and asks for "electronic communication transactional records," a phrase that seems to sweep in Internet addresses and e-mail and Web browsing logs. Google said its statistics on NSL requests would be updated annually. "It would be great if this starts a trend in terms of other companies releasing this information," says Michelle Richardson, ACLU legislative counsel. "That would be fantastic." Surs?: Google offers data on FBI's national-security-related requests for user identities | Security & Privacy - CNET News

http://www.youtube.com/watch?feature=player_embedded&v=5FclbL4L1hU Description: Ghost Phisher is a computer security application that comes inbuilt with a Fake DNS Server, Fake DHCP Server, Fake HTTP server and also has an integrated area for automatic capture and logging of HTTP form method credentials to a database. The program could be used as an honeypot, could be used to service DHCP request , DNS requests or phishing attacks Requirements: python, python-qt4, dhcp3-server, ettercap-gtk Downloads - ghost-phisher - GUI suite for phishing and penetration attacks - Google Project Hosting Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying. Original Source: Security Tool :- Ghost Phisher tool - YouTube Surs?: Security Tool :- Ghost Phisher Tool

http://www.youtube.com/watch?v=0iDEcHVec-o&feature=player_embedded Description: So you want to DDOS but you don't have any friends? You can do this with pyloris and tor. Pyloris is a python program so you'll need python to run it obviously. Lets talk about what your going to be doing so you know how it works. If you don't care how it works you can skip this part. A normal DDOS works by overwhelming there server with complete connectio PyLoris | Free software downloads at SourceForge.net Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying. Original Source: Security Tool :- Pyloris DDOS tool - YouTube Surs?: Security Tool :- Pyloris Ddos Tool

Description: a worm programmed in c which exploits rpc dcom vulnerability in windows xp to spread on the network source code: http://www.meajay.in/static/proj/worm-source.rar Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying. Original Source: Surs?: Worm Demonstration

The Pirate Bay ar putea gasi gazduire in Coreea de Nord. Ideea a venit chiar de la Phenian Nu cu multa vreme in urma, site-ul de torrenti a 'parasit' Suedia din cauza "persecutiilor", temporarele 'resedinte' fiind Norvegia si Spania. Conform unei postari chiar pe site-ul sau oficial, The Pirate Bay afirma ca si-ar putea muta serverele in Coreea de Nord, la invitatia autoritatilor de la Phenian. Tara asiatica cere si un mic 'serviciu': corabia de pe sigla site-ului va avea pe catarg steagul nord-coreean. "Ne luptam pentru o lume libera, corporatiile mari din Statele Unite fiind cele care se opun. Vorbim despre tara care garanteaza libertatea si libertatea de expresie", se arata intr-un comunicat publicat pe site-ul The Pirate Bay. Serverele site-ului au fost mutate in Norvegia si Spania dupa ce Partidul Piratilor din Suedia, sustinator al The Pirate Bay, a fost actionat in justitie pentru incurajarea incalcarii drepturilor proprietate. Coreea de Nord a facut un mare pas inainte in ceea ce priveste accesul la internet la finalul lunii februarie: utilizatorii de telefoane mobile vor putea folosi reteaua 3G pentru a naviga si a posta pe retelele de socializare. Surs?: The Pirate Bay ar putea gasi gazduire in Coreea de Nord. Ideea a venit chiar de la Phenian - www.yoda.ro

Description: In this video I will show you how to exploit Apache Axis2 Web Services. The exploitation of an issue in an Axis2 Web service and how using this issues it is possible to retrieve arbitrary files. Then using this, we will see how an attacker can retrieve Tomcat users' file to access the Tomcat Manager and gain commands execution on the server. More Advanced Information: - https://www.pentesterlab.com/axis2_and_tomcat_manager/axis2_and_tomcat_manager.pdf Vulnerable OS: - https://www.pentesterlab.com/axis2_and_tomcat_manager/axis2_and_tomcat_manager.iso Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying. Original Source: Surs?: Apache Axis2 And Tomcat Manager Exploitation

Description: Patator is developed by Sebastien Macke. In this video I will show you how to use Patator for a Brute-Force Attack and DNS Forward and reverse lookup. Patator is a multi-purpose brute-force, with a modular design and a flexible usage. Usage : - patator - Patator is a multi-purpose brute-forcer, with a modular design and a flexible usage. - Google Project Hosting Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying. Original Source: Surs?: Patator -- Brute-Force Attack And Dns Reverse And Forward Lookup

Another Easy Way To Get Wpa Handshake Description: You will see in this video about how an attacker can get the WPA Handshake without sending any deauthentication packet. Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying. Original Source: Surs?: Another Easy Way To Get Wpa Handshake

Kaspersky Internet Security 2013 - Denial Of Service Vulnerability I usually do not write security advisories unless absolutely necessary. This time I should, however I have neither the time, nor the desire to do so. But Kaspersky did not react, so ... quick and dirty: Kaspersky Internet Security 2013 (and any other Kaspersky product which includes the firewall funcionality) is susceptible to a remote system freeze. As of the 3rd March 2013, the bug is still unfixed. If IPv6 connectivity to a victim is possible (which is always the case on local networks), a fragmented packet with multiple but one large extension header leads to a complete freeze of the operating system. No log message or warning window is generated, nor is the system able to perform any task. To test: 1. download the thc-ipv6 IPv6 protocol attack suite for Linux from www.thc.org/thc-ipv6 2. compile the tools with "make" 3. run the following tool on the target: firewall6 <interface> <target> <port> 19 where interface is the network interface (e.g. eth0) target is the IPv6 address of the victim (e.g. ff02::1) port is any tcp port, doesnt matter which (e.g. 80) and 19 is the test case number. The test case numbers 18, 19, 20 and 21 lead to a remote system freeze. Solution: Remove the Kaspersky Anti-Virus NDIS 6 Filter from all network interfaces or uninstall the Kaspersky software until a fix is provided. The bug was reported to Kaspersky first on the 21st January 2013, then reminded on the 14th Feburary 2013. No feedback was given by Kaspersky, and the reminder contained a warning that without feedback the bug would be disclosed on this day. So here we are. Greets, Marc Heuse -- Marc Heuse www.mh-sec.de PGP: FEDD 5B50 C087 F8DF 5CB9 876F 7FDD E533 BF4F 891A Surs?: Kaspersky Internet Security 2013 - Denial Of Service Vulnerability

Financial Times: Investitorii renunta la actiuni Apple si se orienteaza catre Google Actiunile Apple au coborat la un nou minim al ultimelor 12 luni, in timp ce cotatia Google a urcat la un maxim record, situatie care reflecta incercarile Wall Street de a pastra ritmul cu schimbarile rapide de pe piata smartphone-urilor. Schimbarea opiniilor investitorilor referitor la perspectivele celor doua companii a condus la o reajustare surprinzatoare a valorii acestora, Google urcand de la circa o treime din valoarea Apple in urma cu sase luni la aproximativ doua treimi, 267 de miliarde de dolari, la sfarsitul sedintei bursiere de luni in SUA. Capitalizarea Apple s-a situat sub pragul de 400 de miliarde de dolari pentru prima data in peste un an. Informatiile ca Apple ar putea introduce un smart watch chiar in acest an, precum si sustinerea aratata de miliardarul Warren Buffet directoului general al Apple, Tim Cook, nu au putut limita declinul actiunilor companiei, aflate acum cu 40% sub nivelul maxim. Unii investitori Apple, in frunte cu David Einhorn - de la Greenlight Capital, au incercat sa determine conducerea Apple sa plateasca actionarilor mai mult din fondurile acumulate de 137 de miliarde de dolari. Buffet a declarat, luni, la CNBC, ca daca s-ar afla in locul lui Cook "l-ar ignora" pe Einhorn, dar a adaugat ca l-a sfatuit pe cofondatorul Apple, Steve Jobs, sa rascumpere actiuni ale companiei. "As conduce afacerea pentru a crea maxim de valoare in 5-10 ani. Nu poti conduce o afacere pentru a impinge in sus pretul actiunilor in fiecare zi. Cred ca Apple a facut o treaba buna generand valoare. Cred, de asemenea, ca s-ar putea sa aiba prea multi bani", a spus el. Evolutia slaba a Apple din ultima perioada se afla in contrast cu cea a Google, care a urcat pe bursa cu 15% de la inceputul anului. Google a inchis sedinta in crestere cu 1,9%, la 821,12 dolari, un nou record, in timp ce Apple a coborat cu 2,55, la 419,57 dolari. Surs?: Financial Times: Investitorii renunta la actiuni Apple si se orienteaza catre Google

Oracle issues emergency Java update to patch vulnerabilities After hackers attack a new flaw in Java, "Oracle decided to release a fix for this vulnerability and another closely related bug as soon as possible." In response to discovering that hackers were actively exploiting two vulnerabilities in Java running in Web browsers, Oracle has released an emergency patch that it says should deal with the problem. "These vulnerabilities may be remotely exploitable without authentication, i.e., they may be exploited over a network without the need for a username and password," Oracle wrote in a security alert today. "For an exploit to be successful, an unsuspecting user running an affected release in a browser must visit a malicious web page that leverages these vulnerabilities. Successful exploits can impact the availability, integrity, and confidentiality of the user's system." Hackers were recently found using one of the vulnerabilities to get into users' computers and install McRAT malware. Once installed, McRAT works to contact command, control servers, and copy itself into all files in Windows systems. Only days after scheduling its last zero-day vulnerability in February, Oracle found these two new exploits. Rather than wait to include the patch in its scheduled quarterly April update, Oracle issued the emergency patch today. "In order to help maintain the security posture of all Java SE users, Oracle decided to release a fix for this vulnerability and another closely related bug as soon as possible," Oracle software security assurance director Eric Maurice wrote in a blog post today. It's been a tough go for Oracle over the past couple of months. Several companies, including Apple and Facebook, have said that hackers infiltrated their computer networks via a vulnerability in the Java plug-in for browsers. In January, Apple blocked Java from some of its Macs using its XProtect antimalware tool -- citing security vulnerabilities. The U.S. Department of Homeland Security also announced in January that computer users should disable Java on their Web browsers saying that unpatched vulnerabilities could still possibly be out there. According to Oracle, the most recent vulnerabilities are only applicable to Java running in Web browsers -- they don't affect Java running on servers, standalone Java desktop applications, or embedded Java applications. They also do not affect Oracle server-based software. Users can install and update their Java software by going to the Java Web site or through the Java auto update. Surs?: Oracle issues emergency Java update to patch vulnerabilities | Security & Privacy - CNET News

Probleme la serviciul de comenzi de pe Amazon. Ce mesaj au intampinat utilizatorii Surpriza neplacuta pentru cei care au incercat sa isi finalizeze comenzile de produse de pe Amazon in urma cu 24 de ore. Conform VentureBeat.com, Amazon a intampinat in ultimele 24 de ore cateva probleme la serviciul de finalizare a comenzilor, pagina afisand mesajul "error 404". Problemele "jenante pentru o companie care se lauda cu stabilitatea site-ului sau", conform VentureBeat, au fost anuntate pe Twitter de cativa utilizatori. Surs?: Probleme la serviciul de comenzi de pe Amazon. Ce mesaj au intampinat utilizatorii - www.yoda.ro

Yahoo si-a spionat angajatii: de ce le-a fost interzis acestora sa mai lucreze de acasa Presedintele Yahoo!, Marissa Mayer, a descoperit ca multi dintre angatii companiei profitau de faptul ca lucrau de la distanta, relateaza Marissa Mayer, CEO-ul de la Yahoo!, a luat saptamana trecuta decizia de a le interzice angajatilor sa mai lucreze de la distanta dupa ce a urmarit si verificat de cate ori angajatii care lucreaza de acasa se logheaza in reteaua companiei si a descoperit ca nu era suficient. Saptamna trecuta, angajatii Yahoo! care lucreaza de la domiciliu au fost anuntatati ca sunt obligati de companie sa isi desfasoare activitatea la birou. Jackie Reses, sefa departamentului Resurse Umane din cadrul companiei, i-a somat pe cei care lucreaza de acasa sa se intoarca la birou pana in luna iunie a acestui an. Masura a starnit nemultumire printre angajati, mai ales printre femeile cu copii. Intr-o intalnire de saptamana trecuta, Marissa Mayer s-a aratat nemultumita de faptul ca angajatii nu s-au logat suficient de des in reteaua companiei si e de parere ca multi dintre ei profitau de acest avantaj, relateaza AllThingsD. Acest lucru a dus la luarea deciziei de a interzice munca de acasa in cazul angajatilor. Hotararea a creat indignare printre mamele angajate la Yahoo!, in timp ce alte companii din Silicon Valley au blamat ipocrizia conducerii de la Yahoo!, mai ales ca Marissa Mayer a alocat recent un spatiu special in birou pentru copilul ei. Cei care nu vor respecta aceste reguli vor fi obligati sa-si prezinte demisia. Conform unei surse apropiate, citate de Business Insider, Yahoo! are in prezent un numar urias de angajati care lucreaza de acasa, o mare parte a acestora fiind "neproductivi". Intr-un documentar recent, numit Makers, Marissa Mayer critica feminismul si explica abordarea ei in cazul egalitatii femeilor. "Nu ma consider o feminista. Cred in drepturi egale pentru femei. Cred ca ele sunt la fel de capabile ca barbatii, daca nu mai capabile in anumite aspecte (…) Insa, cred ca feminismul a devenit un cuvant negativ. Sunt multe oportunitati uimitoare peste tot in lume pentru femei si cred ca rezultatul este mai bun daca te inconjori de energie pozitiva, si nu negativa”. Surs?: Yahoo si-a spionat angajatii: de ce le-a fost interzis acestora sa mai lucreze de acasa

Description: Syringe.exe, is detected by most anti-virus ..use the technique (Hex) to remove the signatures ... You can find more methods ... Ida ollydbg until the next Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying. Original Source: Surs?: Bypass Syringe Powerfull (Metasploit)

Salut, bine ai venit. Dac? vrei s? creezi programe, învat? C++ m?car la nivel mediu ca s? te po?i descurca la partea de cod.

Recomand Python, Pascal sau C++

http://www.youtube.com/watch?feature=player_embedded&v=XNmKOsZ35bo Description: The dumplinks module is a modified port of Harlan Carvey's lslnk.pl Perl script. This module will parse .lnk files from a user's Recent Documents folder and Microsoft Office's Recent Documents folder, if present. Windows creates these link files automatically for many common file types. The .lnk files contain time stamps, file locations, including share names, volume serial numbers, and more. Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying. Original Source: https://www.youtube.com/watch?v=XNmKOsZ35bo Surs?: Windows Gather Dump Recent Files Lnk Info Metasploit Module

La partea de design arat? destul de bine dup? p?rerea mea, dar sunt prea multe categorii care nu î?i au rostul.

Vorbitorii de limba romana, pe locul 8 in lume ca tinta a mesajelor spam Marea majoritate a mesajelor spam (mesaje promotionale nesolicitate) sunt in limba engleza, in timp ce limba romana este pe locul 8 in lume, cu 1% din mesajele spam transmise pe internet, potrivit unui raport realizat de Cisco. Astfel, 79% din mesajele spam care au circulat anul trecut pe internet au fost in limba engleza, urmata de limba rusa (5%), catalana (3%), japoneza (3%), daneza (2%), respectiv germana, franceza, romana, spaniola si chineza (1% fiecare), potrivit raportului anual privind securitatea informatica publicat de Cisco. Cele mai multe mesaje spam au provenit in 2012 din India (12,3%), urmata de Statele Unite (11,3%), care au urcat de locul 6 in 2011 pana pe pozitia a doua ca tara de origine. Pe locul al treilea este Coreea de Sud, cu 4,6% din mesajele spam, urmata de China (4,19%), Vietnam (4%), Rusia (3,8%), Brazilia (3,6%), Arabia Saudita (3,6%), Taiwan (2,9%) si Polonia (2,7%). Spammerii iau masuri pentru a asigura ca mesajele lor au un impact cat mai mare cu eforturi minime: volumul mesajelor spam este cu 25% mai redus in weekend decat in timpul saptamanii, respectiv cu 10% mai mare martea si miercurea, potrivit studiului Cisco. Strategia creatorilor de mesaje spam devine tot mai elaborata de la an la an. In 2012, spammerii au desfasurat campanii atent puse la punct, dezvoltate in jurul a diverse evenimente de interes international, precum furtuna Sandy. Majoritatea spammerilor creeaza mesaje in limba care le asigura cea mai mare expunere, tintind populatia care utilizeaza regulat email-ul. Astfel a aparut un decalaj vizibil intre limbile vorbite in tarile de origine ale mesajelor spam si limbile intalnite predominant in aceste mesaje. Niciunul dintre dialectele vorbite in India nu a intrat in top 10, situatie intalnita si in cazul Coreei, Vietnamului si Chinei. Studiul Cisco releva totodata ca 3% din mesajele spam au atasamente, fata de 25% pentru email-ul valid, insa fisierele atasate mesajelor nedorite sunt in medie cu 18% mai mari. Mesajele spam sunt in continuare un instrument pentru raspandirea de malware, insa spammerii prefera link-urile, incercand sa convinga utilizatorii sa viziteze site-uri cu continut dubios. Surs?: Vorbitorii de limba romana, pe locul 8 in lume ca tinta a mesajelor spam - www.yoda.ro

Yahoo va inchide 7 produse, inclusiv aplicatia pentru BlackBerry si Yahoo Avatars 7 produse Yahoo care nu au avut succes vor fi inchise, la care se alatura aproximativ 50 de aplicatii. Dar vestea cea mai importanta nu este asta. Guardian citeaza o postare de pe blogul oficial Yahoo, care anunta ca Marissa Mayer a decis sa inchida alaturi de aceste produse si aplicatia pentru BlackBerry. "Intrebarea critica pe care noi o punem este daca experienta cu aceste aplicatii este in realitate un proces pe care il parcurgeti zilnic si care inca va foloseste", a scris Jay Rossiter, vicepresedintele executiv de la Yahoo. Mai mult, Marissa Mayer a decis ca Yahoo sa ramana la 12 - 15 aplicatii pentru telefoanele mobile, in locul celor 70 pe care le are in acest moment. Data pana la care utilizatorii vor mai putea sa-si descarce aplicatia Yahoo pentru BlackBerry este 1 aprilie, zi in care Yahoo va renunta si la Yahoo Avatars, Yahoo App Search, Yahoo Sports IQ, Yahoo Clues, site-ul Yahoo Message Boards si Yahoo Updates API. Surs?: Yahoo va inchide 7 produse, inclusiv aplicatia pentru BlackBerry, dar si Yahoo Avatars - www.yoda.ro

Description: This Video Is The Extension Or the challenge part of part 7 of hack of the day video series Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying. Original Source: Surs?: Rce Injection Over Dvwa

PM Sent!

Description: Hey my friends I made a small tutorial on integrating DNS in Metasploit backdoor executables. If you don’t know about creating backdoors please refer my previous tutorial Making Backdoors With Msfvenom .I think most of you know how to configure RATs. We use a DNS because our external IP changes every time. So a normal reverse_tcp connects like this. Victim’s internal IP--->Victim’s external IP---> Attacker’s external IP---> Attacker’s Internal IP But most of the time the Attacker’s External IP is Dynamic and changes. For that we can use a free domain name server such as No-IP. First of all create an account on No-IP and configure your DUC client correctly. Next make sure you port forward you router to a new internal IP. That is your Back Track machine. Use a bridged connection in Network settings because we are going to add our BT machine to our internal IP Range. So here we use the payload as windows/meterpreter/reverse_tcp_dns in making our backdoor. As the DUC client sends our External IP and updates our no-ip domain DNS is acting static. This is how it works. Victim’s internal IP---> Victim’s external IP---> Attacker’s DNS--->Attacker’s external IP---> Attacker’s Internal IP Set the LHOST to your no-ip domain, mine is (boomboom.no-ip.com). Set the LPORT to your forwarded port for the BT machine. Those are things new we should modify in making our backdoor the rest are normal. Now launch metasploit and use the multi/handler exploit which handles exploits outside the network. Set the LHOST to your internal IP which BT has been assigned. Set LPORT to your forwarded port number and exploit. Once the victim opens the backdoor it back connects through the DNS to our IP successfully. Now you can use that at any time because of DNS, it will be little similar to RATs. Making it FUD and undetectable is up to you. This video is just a demonstration and Special Thanx to Max for acting as the victim and helping me making this video in real world. Use this for Educational Purposes Only and I am not responsible for the damage you cause. Thank You. Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying. Original Source: Surs?: Using Dns In Metasploit Bacdoors